我遇到了一個非常棘手的問題。我有一個我剛剛修改的Web應用程序,它允許客戶提供可用於掛接到實體保存管道的自定義程序集。這些自定義程序集是在實體持久化到數據庫時通過反射加載的。它們是指處理所有數據訪問的通用DAL程序集。通過反射加載的程序集中的SqlClientPermission失敗
我有一個測試服務器(Win2k3),該系統的工作完美無瑕。現在我已經將它推送到我的生產服務器集羣(一個Win2k3和一個Win2k8),我的自定義程序集第一次調用訪問數據庫的DAL方法(SQL2005)。我收集的日誌信息表明獲取SqlClientPermission失敗。與最佳做法相反,我的網絡應用程序以完全信任模式運行。我的自定義程序集是強命名的。
有什麼建議可以在我的測試服務器配置和我的生產服務器配置之間尋找差異嗎?如果這不是適當的論壇,哪一個是?
感謝, 馬修
不是一個答案,但更多的信息比我可以把評論...
現在,這是一個Win2k8 VS WIN2K3問題,因爲我不再獲得將出現集羣中Win2k3服務器日誌中的任何異常。
基本上,發生什麼事是我們的實體保存管道檢查,看看被保存的實體類型是否實現了某個接口。如果是這樣,那麼應用程序將出現在數據庫中以檢索實現客戶特定的預保存和保存後功能的類的程序集和類名稱。這些程序集位於名爲「Assemblies \」的文件夾中的「App_Data」文件夾下。應用程序然後加載程序集;使用反射將該程序集中的適當類實例化爲接口,然後在該接口上調用前後保存方法,以針對該特定實體類型執行客戶特定的操作。在我們的例子中,這個自定義操作使用我們的DAL(使用LLBLGen,FWIW)實體類來執行一些數據庫操作。
我最初的問題是,我得到了一個關於不允許部分信任調用者的SecurityException,所以我裝飾了與「AllowPartiallyTrustedCallers」屬性一起使用的程序集。我實例化一個SqlClientPermission和「Assert()」它,但我沒有在任何地方實際授予該權限(除了我的Web應用程序在FullTrust中運行)。
感謝力所能及的幫助,您可以提供...
馬修
這裏是異常的的ToString()輸出獲取引發:
Error performing post-save operation on entity 373c595e-843b-45a1-82d0-aa166daf75de of type SS2DAL.EntityClasses.SurveyResponseEntity: SD.LLBLGen.Pro.ORMSupportClasses.ORMQueryExecutionException: An exception was caught during the execution of a retrieval query: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.. Check InnerException, QueryExecuted and Parameters of this exception to examine the cause of this exception. ---> System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method)
at System.Data.SqlClient.SqlCommand.ExecuteDbDataReader(CommandBehavior behavior)
at System.Data.Common.DbCommand.System.Data.IDbCommand.ExecuteReader(CommandBehavior behavior)
at SD.LLBLGen.Pro.ORMSupportClasses.RetrievalQuery.Execute(CommandBehavior behavior)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Data.SqlClient.SqlClientPermission
The first permission that failed was:
<IPermission
version="1"
AllowBlankPassword="False">
<add KeyRestrictions=""
KeyRestrictionBehavior="AllowOnly"/>
</IPermission>
The demand was for:
<IPermission
version="1"
AllowBlankPassword="False">
<add KeyRestrictions=""
KeyRestrictionBehavior="AllowOnly"/>
</IPermission>
The granted set of the failing assembly was:
<PermissionSet
version="1">
<IPermission
version="1"
Access="Open"/>
<IPermission
version="1"
Allowed="ApplicationIsolationByUser"
UserQuota="512000"/>
<IPermission
version="1"
Flags="Execution"/>
<IPermission
version="1"
Window="SafeTopLevelWindows"
Clipboard="OwnClipboard"/>
<IPermission
version="1"
PublicKeyBlob="0024000004800000940000000602000000240000525341310004000001000100B55C03865E07BCB230B04EF7D9ACF1E7BF41C618DB1327895C25328446039F51CF237A50989E542D3FA9BB5991D303388C5AAC7AE4E071CD7B42B96B16256FF905EC610107DB2A0872E971253919BA528187489FC89FD083118F562319BF3B66CB79035EC50D2291561D4F2B9733AD5E0ECD9BFF9B80B94C40F5888D4E1C5BDD"
Name="ProjectHelpers.Extensions"
AssemblyVersion="2.2009.208.1821"/>
<IPermission
version="1"
Url="file://dc01.bizspeed.datacenter/websites/sitesupervisor files/prjh/ProjectHelpers.Extensions.dll"/>
<IPermission
version="1"
Zone="Internet"/>
<IPermission
version="1"
Level="SafePrinting"/>
</PermissionSet>
The assembly or AppDomain that failed was:
ProjectHelpers.Extensions, Version=2.2009.208.1821, Culture=neutral, PublicKeyToken=4405fd38c7d52787
The method that caused the failure was:
SD.LLBLGen.Pro.ORMSupportClasses.EntityBase2 AfterSave(SD.LLBLGen.Pro.ORMSupportClasses.EntityBase2, SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase)
The Zone of the assembly that failed was:
Internet
The Url of the assembly that failed was:
file://dc01.bizspeed.datacenter/websites/sitesupervisor files/prjh/ProjectHelpers.Extensions.dll
--- End of inner exception stack trace ---
at SD.LLBLGen.Pro.ORMSupportClasses.RetrievalQuery.Execute(CommandBehavior behavior)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.ExecuteSingleRowRetrievalQuery(IRetrievalQuery queryToExecute, IEntityFields2 fieldsToFill, IFieldPersistenceInfo[] fieldsPersistenceInfo)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.FetchEntityUsingFilter(IEntityFields2 fieldsToFetch, IFieldPersistenceInfo[] persistenceInfos, IRelationPredicateBucket filter)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.FetchEntityUsingFilter(IEntity2 entityToFetch, IPrefetchPath2 prefetchPath, Context contextToUse, IRelationPredicateBucket filter, ExcludeIncludeFieldsList excludedIncludedFields)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.FetchEntity(IEntity2 entityToFetch, IPrefetchPath2 prefetchPath, Context contextToUse, ExcludeIncludeFieldsList excludedIncludedFields)
at SD.LLBLGen.Pro.ORMSupportClasses.DataAccessAdapterBase.FetchEntity(IEntity2 entityToFetch, IPrefetchPath2 prefetchPath)
at ProjectHelpers.Extensions.SurveyResponseSaveHelper.AfterSave(EntityBase2 entity, DataAccessAdapterBase adapter)
at SS2.RemoteObjects.DataPortal.EntitySaveWithoutRemoting(EntityBase2 entity, AuditSettings auditSettings, AuthTicket at) [NDC:(null)]
這裏是方法在彈反射的物體上:
public EntityBase2 AfterSave(EntityBase2 entity, DataAccessAdapterBase adapter)
{
SurveyResponseEntity response = entity as SurveyResponseEntity;
if (response.IsComplete) // we only really want to do this if the survey has been completed.
{
SurveyEntity survey = new SurveyEntity(response.SurveyRefId);
IPrefetchPath2 questionSetPath = new PrefetchPath2((int)SS2DAL.EntityType.SurveyEntity);
IPredicateExpression filter = new PredicateExpression(QuestionSetFields.Current == 1);
questionSetPath.Add(SurveyEntity.PrefetchPathQuestionSetCollection, 1, filter)
.SubPath.Add(QuestionSetEntity.PrefetchPathQuestionPageCollection)
.SubPath.Add(QuestionPageEntity.PrefetchPathQuestionCollection);
if (adapter.FetchEntity(survey, questionSetPath))
{
// we need to instantiate the survey template save handler from this survey response (if it exists)
// then execute
if (!String.IsNullOrEmpty(survey.PostSaveAssemblyName) && !String.IsNullOrEmpty(survey.PostSaveClassName))
{
try
{
string assemblyPath = (new FileService()).GetRootAssemblyURL();
Assembly asm = Assembly.Load(File.ReadAllBytes(Path.Combine(assemblyPath, survey.PostSaveAssemblyName)));
if (asm != null)
{
Type t = asm.GetType(survey.PostSaveClassName);
ISurveyPostSaveHandler cls = (ISurveyPostSaveHandler)Activator.CreateInstance(t);
if (cls != null)
{
cls.AfterSave(response, survey, adapter);
}
}
}
catch (Exception ex)
{
// at some point, we need to add some logging here.
Logger.ErrorFormat("There was an error post-processing survey response {0} from survey {1}: {2}", response.SurveyResponseId, survey.Name, ex.ToString());
throw ex;
}
}
}
else
{
Logger.ErrorFormat("Could not post process response {0} because the parent survey could not be located", response.SurveyResponseId);
throw new ApplicationException(String.Format("Could not post process response {0} because the parent survey could not be located", response.SurveyResponseId));
}
}
return response;
}
#endregion
}
我碰到類似的是起訴沒有反思。我正在將一個已編譯的項目從我的Win 2k3機器移至Win 2k8。 - 在IIS中,在您要訪問的bin文件夾下右鍵單擊。 - 轉到「編輯權限...」。 - 在「常規」選項卡的最底部,可能有一個按鈕顯示「解除鎖定」。
贏2k8似乎不喜歡從其他環境複製的DLL。
您能提供執行數據訪問的代碼片段以及它返回的特定錯誤消息嗎? – 2009-07-31 19:43:17
他們太長了,所以我把他們作爲新的「答案」 – 2009-07-31 19:51:46